|
PHP - Login Check Issue
Hi all
I have the below login scripts which works great, I need to add a line in to give the user a message if the 'live' entry in the database is 0. Here's my code: Code: [Select] <?php if(isset($_POST['submit'])) { $error = false; $user_login = ($_POST['user_login']); $pass_login = ($_POST['pass_login']); if(!empty($user_login) && !empty($pass_login)) { $check_details=mysql_query("SELECT * FROM `members` WHERE email='".$user_login."' AND password='".sha1($pass_login)."' AND live = 1"); $getdetails=mysql_fetch_array($check_details); $status=mysql_num_rows($check_details); if($status >= "1") { $error = false; $_SESSION['wmmadmin_loggedin'] = "1"; $_SESSION['wmmadmin_email'] = "".$user_login.""; $_SESSION['wmmadmin_username'] = "".$getdetails['name'].""; $_SESSION['wmmadmin_country'] = "".$getdetails['country'].""; $date = date('l jS \of F Y h:i:s A'); mysql_query(" INSERT INTO `logs` SET user = '".$getdetails['name']."', date = '".$date."'" ); header("Location: index.php"); } if(!$status || $status == "0") { $error = true; echo "<div class=\"error\">Error! Login details were incorrect. </div>\n"; echo "<div class=\"error\">Forgot your password? Click the below link: </div>\n"; } } if(empty($user_login) || empty($pass_login)) { $error = true; echo "<div class=\"error\"><strong>Please enter your username and password. </div>\n"; echo "<div class=\"error\">Forgot your password? Click the below link: </div>\n"; } } ?> Many thanks for your help. Pete Similar TutorialsHi, I am trying to perform a login check and redirect the form to index.php if the username and password are correct. Also the login page check if the fields are entered or not. The issue is that the login check is performing but not redirecting to index.php. Also I'm not getting any error after performing the login check. Let me know if I'm making any errors in below code. the include file only contains the database details. Code: [Select] <?php include("connections.php"); ?> <?php if(isset($_POST['submit'])) { $errors=array(); $required_fields=array('username', 'pass'); foreach($required_fields as $fields) { if(!isset($_POST[$fields]) || empty($_POST[$fields])) { $errors[]=$fields; } } if(empty($errors)) { $username=trim($_POST['username']); $password =trim($_POST['pass']); $query= "SELECT * FROM users WHERE username='{$username}' AND hashed_password='{$password}' "; $result=mysql_query($query); $result_set=mysql_fetch_array($result); if(mysql_num_rows($result_set) == 1) { header('location: index.php'); exit; } else { echo 'Invalid password'; } } } ?> Hi everyone i wonder if you can help me he I need a script for a login and check login- create cookie. Here is my form: <form method="post" action="check_login.php"> <p> <input type="submit" name="Submit2" value="go" /> </fieldset> </p> </form> that sends it to check_login (which BEFORE i deleted something by accident, used to take me to a username and password box) But now all it does is send me straight to the memebrs area??? Can i change the check_login.php script to make it work correctly: Code: [Select] <?php // Connects to your Database mysql_connect("server", "user", "password") or die(mysql_error()); mysql_select_db("DB") or die(mysql_error()); //Checks if there is a login cookie if(isset($_COOKIE['ID_my_site'])) //if there is, it logs you in and directes you to the members page { $username = $_COOKIE['ID_my_site']; $pass = $_COOKIE['Key_my_site']; $check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error()); while($info = mysql_fetch_array( $check )) { if ($pass != $info['upassword']) { } else { header("Location: members_area.php"); } } } //if the login form is submitted if (isset($_POST['submit'])) { // if form has been submitted // makes sure they filled it in if(!$_POST['username'] | !$_POST['upassword']) { die('You did not fill in a required field.'); } // checks it against the database if (!get_magic_quotes_gpc()) { $_POST['email'] = addslashes($_POST['email']); } $check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error()); //Gives error if user dosen't exist $check2 = mysql_num_rows($check); if ($check2 == 0) { die('That user does not exist in our database. <a href=register.php>Click Here to Register</a>'); } while($info = mysql_fetch_array( $check )) { $_POST['upassword'] = stripslashes($_POST['upassword']); $info['upassword'] = stripslashes($info['upassword']); $_POST['upassword'] = md5($_POST['upassword']); //gives error if the password is wrong if ($_POST['upassword'] != $info['upassword']) { die('Incorrect password, please try again.'); } else { // if login is ok then we add a cookie $_POST['username'] = stripslashes($_POST['username']); $hour = time() + 3600; setcookie(ID_my_site, $_POST['username'], $hour); setcookie(Key_my_site, $_POST['upassword'], $hour); //then redirect them to the members area header("Location: members_area.php"); } } } else { // if they are not logged in ?> <form action="<?php echo $_SERVER['PHP_SELF']?>" method="post"> <table width="316" height="120" border="0"> <tr><td colspan=2><h1>Login</h1></td></tr> <tr><td>Username:</td><td> <input type="text" name="username" maxlength="40"> </td></tr> <tr><td>Password:</td><td> <input type="password" name="upassword" maxlength="50"> </td></tr> <tr><td colspan="2" align="right"> <input type="submit" name="submit" value="Login"> </td></tr> </table> </form> <?php } ?> Hey guys, How do I check to see if the user has been login on the page that they are on? I have a login and I want users to login before then can go to other pages. thanks guys, I want to limit the number of incorrect login attempts within a specified time period (e.g. 15 minutes). I'm wondering what I should tie those attempts to. e.g. If too many attempts from one ip address for a specific username, lock them out for 15 minutes? Or too many attempts from any ip address for a specific username? Or too many attempts for an ip address matched loosely (i.e. 255.255.255.0 matching) with a specific username? What's the best choice? Just too many attempts for a username? Or also use the ip address? And should I store the attempts in the session, or the DB? When I log in on my web-site it takes me to a php login-check page This is the error code that I am getting; Quote Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in D:\xampp\htdocs\login-check.php on line 26 This is the php code that i am using; Code: [Select] <?php $host="localhost"; // Host name $username="root"; // Mysql username $password=""; // Mysql password $db_name="deliverpizza"; // Database name $tbl_name="customer, admin, staff"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // username and password sent from form $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "login_success.php" session_register("myusername"); session_register("mypassword"); header("location:login_privelage.php"); } else { } ?> Hi all... This is the form post link of amazon login https://www.amazon.com/gp/flex/sign-in/help-select.html/ref=ya_sign_in_ This is my script and i am unable to submit values . please help <?php $user="aaa@aaa.com"; $password="ssdddd"; $data="email=".$user."&password=".$password."useRedirectOnSuccess=1&path=https://www.amazon.com/gp/css/homepage.html&action=sign-in&protocol=https"; curl_setopt($curl, CURLOPT_URL, "https://www.amazon.com/gp/flex/sign-in/help-select.html/ref=ya_sign_in_"); curl_setopt($curl,CURLOPT_CONNECTTIMEOUT,20); curl_setopt($curl, CURLOPT_REFERER, "https://www.amazon.com/"); curl_setopt($curl, CURLOPT_POST, true); curl_setopt($curl, CURLOPT_POSTFIELDS, $data); curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 3); curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 0); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, FALSE); $result = curl_exec($curl); curl_close($curl); ?> Help will be appreciated <?php session_start( ); include_once( dirname( __FILE__ )."/../inc/func/get_sth.php" ); include_once( _ABSPATH_."/inc/func/header.php" ); if ( $_GET["f"] == "login" ) { $adminuser = strtolower( strip_tags( trim( $_POST["adminuser"] ) ) ); $r_0 = strtolower( strip_tags( trim( $_SESSION["r"] ) ) ); $r_1 = strtolower( strip_tags( trim( $_POST["r"] ) ) ); if ( $r_0 == $r_1 ) { $result = mysql_query( "SELECT password FROM admin where adminuser='".$adminuser."'" ); $val = mysql_fetch_array( $result ); if ( !$val["password"] ) { $loginfail = 1; } else { if ( $val[password] === md5( $_POST["password"] ) ) { $_SESSION['admin'] = $adminuser; header( "Location: ./" ); exit( ); } $loginfail = 1; } } else { $loginfail = 2; } } $page_title = l( "Administration Login" )." | ".get_sitename( ); $smarty->assign( "page_title", $page_title ); $smarty->assign( "loginfail", $loginfail ); $smarty->display( "mgt/login.tpl" ); ?> Hi experts,I have the following problem.I have a file login.php which is used to allow users to log in.When the form is submitted it is redirected to checkuserlogin.php.If the credentials are right he is redirected to main.php.But in main.php if the user clicks back browser button,he is redirected to login.php and in login.php if he presses forward button,he is redirected to main.php.Can any one tell he how to make sure the application is not redirected to main.php when user presses forward button and how to make sure the application is not redirected to login.php when user presses back button.
i just discovered a hole in my scripts relating to access . 1. have a simple login form 2. based on the type of user , he is directed to a page for his options . 3. I now realise that altho each page therefter checks for sessions of the user , he can easily change the url to that of another user and there is no way to prevent it. 4. How can i make sure that each time a page is accessed it is only by the user whom it is meant for. Relevant code snippets below . Thanks ! Swati login.php --------- <?php //error_reporting(E_ERROR | E_PARSE | E_CORE_ERROR); //Process this if statement only if form was submitted if($_POST['submit']){ session_start(); $username=$_POST['username']; $password=$_POST['password']; include ("link.php"); // contains db info //Test for login success $sql = "SELECT * FROM Users WHERE Username='$username' AND Password = '$password'"; $result = mysql_query($sql); if ($myrow = mysql_fetch_assoc($result)){ // echo $sql; $login_success = 'Yes'; $userid = $myrow["Userid"]; $usertype = $myrow["UTID"]; $status = "On"; $url = $PHP_SELF."?".$_SERVER['QUERY_STRING'];; $logout = 'logout.php'; $_SESSION['id']=session_id(); $_SESSION['userid']=$userid; $_SESSION['usertype']=$usertype; $sql2= "insert into Log (Sessionid,Userid,IP,Date,File, Status) values('$_SESSION[id]','$userid','$ip','$tm', '$url', '$status')"; $result2 = mysql_query($sql2) or die ('no access to database: ' . mysql_error()); // echo mysql_error(); } } } ?> Each subsequent page has this header ============================== <? header("Cache-Control: public"); include ("log.php"); //db info for DB along with session start if(!isset($_SESSION['userid'])){ echo "<center><font face='Calibri' size='2' color=red>Sorry, Please login and use this page </font></center>"; exit;} ?> The url of each page : Code: [Select] www.abc.com/example/type1.php?Userid=USER1ID and such a user can easily change the url to Code: [Select] www.abc.com/example/type2.php?Userid=USER1ID and access all the options of type2.php I have a pretty basic PHP log in code connected to a database of register users. However, it's not allowing any users to enter? Could someone please review the code and let me know if you find any errors? //Create query $qry="SELECT * FROM customers WHERE username='$login' AND password='".md5($_POST['password'])."'"; $result=mysql_query($qry); //Check whether the query was successful or not if($result) { if(mysql_num_rows($result) == 1) { //Login Successful session_regenerate_id(); $member = mysql_fetch_assoc($result); $_SESSION['SESS_MEMBER_ID'] = $member['id']; $_SESSION['SESS_FIRST_NAME'] = $member['fname']; $_SESSION['SESS_LAST_NAME'] = $member['lname']; session_write_close(); header("location: key_catalog.php"); exit(); }else { //Login failed header("location: login-failed.php"); exit(); } }else { die("Query failed"); } ?> I have a problem with login issue that when i loggin as student from index.php it should bring me to student_home php.. but it doesnt show anything and just bring me to index.php back.. i mixed up about header and session part..
index.php
<?php
include('header.php');
//Start session
session_start();
//Unset the variables stored in session
unset($_SESSION['id']);
?>
<body>
<?php include('navhead.php'); ?>
<div class="container">
<div class="row-fluid">
<div class="span3">
<div class="hero-unit-3">
<div class="alert-index alert-success">
<i class="icon-calendar icon-large"></i>
<?php
$Today = date('y:m:d');
$new = date('l, F d, Y', strtotime($Today));
echo $new;
?>
</div>
</div>
<div class="hero-unit-1">
<ul class="nav nav-pills nav-stacked">
<li class="nav-header">Links</li>
<li class="active"><a href="#"><i class="icon-home icon-large"></i> Home
<div class="pull-right">
<i class="icon-double-angle-right icon-large"></i>
</div>
</a></li>
<li><a href="sitemap.php"><i class="icon-sitemap icon-large"></i> Site Map
<div class="pull-right">
<i class="icon-double-angle-right icon-large"></i>
</div>
</a></li>
<li><a href="contact.php"><i class="icon-envelope-alt icon-large"></i> Contact Us
<div class="pull-right">
<i class="icon-double-angle-right icon-large"></i>
</div>
</a>
</li>
<li class="nav-header">About US</li>
<li><a href="#mission" role="button" data-toggle="modal"><i class="icon-book icon-large"></i> Mission
<div class="pull-right">
<i class="icon-double-angle-right icon-large"></i>
</div>
</a></li>
<li><a href="#vision" role="button" data-toggle="modal"><i class="icon-book icon-large"></i> Vision
<div class="pull-right">
<i class="icon-double-angle-right icon-large"></i>
</div>
</a></li>
<li><a href="history.php"><i class="icon-list-alt icon-large"></i> History
<div class="pull-right">
<i class="icon-double-angle-right icon-large"></i>
</div>
</a></li>
</ul>
</div>
<br>
</div>
<div class="span9">
<section class="main">
<div class="custom-calendar-wrap">
<div id="custom-inner" class="custom-inner">
<div class="custom-header clearfix">
<nav>
<span id="custom-prev" class="custom-prev"></span>
<span id="custom-next" class="custom-next"></span>
</nav>
<h2 id="custom-month" class="custom-month"></h2>
<h3 id="custom-year" class="custom-year"></h3>
</div>
<div id="calendar" class="fc-calendar-container"></div>
</div>
</div>
</section>
<div class="alert alert-info">
<button type="button" class="close" data-dismiss="alert">×</button>
<strong>Head Up!</strong> Welcome to Morpheus.
</div>
<div class="slider-wrapper theme-default">
<?php include('slider.php'); ?>
</div>
<!-- end slider -->
</div>
</div>
</div>
<!---------------->
<div class="container">
<div class="row-fluid">
<div class="span12">
<div class="row-fluid">
<div class="span9">
<div class="alert alert-success"><i class="icon-file icon-large"></i> <strong>Mission</strong></div>
<div class="hero-unit-2">
Announcements
</div>
</div>
<div class="span3">
<div class="alert alert-info">
<i class="icon-building icon-large"></i> Faculty
</div>
<div class="hero-unit-3">
<p><a href=""><i class="icon-sign-blank"></i> Faculty</a></p>
<p><a href=""><i class="icon-sign-blank"></i> Faculty</a></p>
<p><a href=""><i class="icon-sign-blank"></i> Faculty</a></p>
<p><a href=""><i class="icon-sign-blank"></i> Faculty</a></p>
</div>
</div>
</div>
</div>
</div>
<br>
<div class="alert alert-success"><i class="icon-file icon-large"></i> <strong>Project</strong></div>
<div class="hero-unit-2">
Project
</div>
<?php include('footer.php'); ?>
</div>
</body>
</html>
navhead.php
<div class="row-fluid">
<div class="span12">
<div class="navbar navbar-fixed-top navbar-inverse">
<div class="navbar-inner">
<div class="container">
<a class="btn btn-navbar" data-toggle="collapse" data-targer=".nav-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</a>
<div class="nav-collapse collapse">
<i class="icon-facebook-sign icon-large" id="color_white"></i>
<i class="icon-twitter icon-large" id="color_white"></i>
<i class="icon-google-plus icon-large" id="color_white"></i>
<i class="icon-github-alt icon-large" id="color_white"></i>
<i class="icon-linkedin-sign icon-large" id="color_white"></i>
<div class="pull-right">
<form class="navbar-search pull-left">
<i class="icon-search icon-large" id="color_white"></i>
<input type="text" class="search-query" placeholder="Search">
</form>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="hero-unit-header">
<div class="container">
<div class="row-fluid">
<div class="span12">
<div class="row-fluid">
<div class="span6">
<img src="admin/images/head.png">
</div>
<div class="span6">
<div class="pull-right">
<!--- login button -->
<div class="btn-group">
<button class="btn btn-success"><i class="icon-signin icon-large"></i> Login</button>
<button class="btn dropdown-toggle" data-toggle="dropdown">
<span class="caret"></span>
</button>
<ul class="dropdown-menu">
<li><a href="#student" role="button" data-toggle="modal"><i class="icon-user icon-large"></i> Student</a></li>
<li><a href="#teacher" role="button" data-toggle="modal"><i class="icon-user-md icon-large"></i> Teacher</a></li>
</ul>
</div>
<!-- end login -->
<?php include('student_modal.php'); ?>
<?php include('teacher_modal.php'); ?>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
student_modal.php
<div id="student" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">
<div class="modal-header">
</div>
<div class="modal-body">
<div class="alert alert-info">
<button type="button" class="close" data-dismiss="alert">×</button>
<strong>Login Student!</strong> Please Enter the Details Below.
</div>
<form class="form-horizontal" method="post">
<div class="control-group">
<label class="control-label" for="inputEmail">Username</label>
<div class="controls">
<input type="text" name="username" id="inputEmail" placeholder="Username">
</div>
</div>
<div class="control-group">
<label class="control-label" for="inputPassword">Password</label>
<div class="controls">
<input type="password" name="password" id="inputPassword" placeholder="Password">
</div>
</div>
<div class="control-group">
<div class="controls">
<button type="submit" name="login" class="btn btn-info"><i class="icon-signin icon-large"></i> Sign in</button>
</div>
</div>
<?php
if (isset($_POST['login'])) {
function clean($str) {
$str = @trim($str);
if (get_magic_quotes_gpc()) {
$str = stripslashes($str);
}
return mysql_real_escape_string($str);
}
$username = clean($_POST['username']);
$password = clean($_POST['password']);
$query = mysql_query("select * from student where username='$username' and password='$password'") or die(mysql_error());
$count = mysql_num_rows($query);
$row = mysql_fetch_array($query);
if ($count > 0) {
session_start();
session_regenerate_id();
$_SESSION['id'] = $row['student_id'];
header('location:student_home.php');
session_write_close();
exit();
} else {
header('error_login.php');
?>
<?php
}
}
?>
</form>
<!-- teacher -->
</div>
<div class="modal-footer">
<button class="btn" data-dismiss="modal" aria-hidden="true"><i class="icon-remove-sign icon-large"></i> Close</button>
</div>
</div>
login_student.php
[php]<?php
include('header.php');
//Start session
session_start();
//Unset the variables stored in session
unset($_SESSION['id']);
?>
<body>
<?php include('navhead.php'); ?>
<div class="container">
<div class="row-fluid">
<div class="span10">
<ul class="breadcrumb">
<li class="active">Login<span class="divider">/</span></li>
<li><a href="login_student.php"><i class="icon-group icon-large"></i> Teacher</a><span class="divider">/</span></li>
<li class="active"><i class="icon-group icon-large"></i> Student</li>
<div class="pull-right">
<li>
<i class="icon-calendar icon-large"></i>
<?php
$Today = date('y:m:d');
$new = date('l, F d, Y', strtotime($Today));
echo $new;
?>
</li>
</div>
</ul>
<div class="alert alert-info">
<button type="button" class="close" data-dismiss="alert">×</button>
<strong>Login Student!</strong> Please Enter the Details Below.
</div>
<form class="form-horizontal" method="post">
<div class="control-group">
<label class="control-label" for="inputEmail">Username</label>
<div class="controls">
<input type="text" name="username" id="inputEmail" placeholder="Username">
</div>
</div>
<div class="control-group">
<label class="control-label" for="inputPassword">Password</label>
<div class="controls">
<input type="password" name="password" id="inputPassword" placeholder="Password">
</div>
</div>
<div class="control-group">
<div class="controls">
<button type="submit" name="login" class="btn btn-info"><i class="icon-signin"></i> Sign in</button>
</div>
</div>
<?php
if (isset($_POST['login'])) {
function clean($str) {
$str = @trim($str);
if (get_magic_quotes_gpc()) {
$str = stripslashes($str);
}
return mysql_real_escape_string($str);
}
$username = clean($_POST['username']);
$password = clean($_POST['password']);
$query = mysql_query("select * from user where username='$username' and password='$password'") or die(mysql_error());
$count = mysql_num_rows($query);
$row = mysql_fetch_array($query);
if ($count > 0) {
session_start();
session_regenerate_id();
$_SESSION['id'] = $row['user_id'];
header('location:student_home.php');
session_write_close();
exit();
} else {
session_write_close();
?>
<div class="pull-right">
<button type="button" class="close" data-dismiss="alert">×</button>
<div class="alert alert-danger"><i class="icon-remove-sign"></i> Access Denied</div>
</div>
<?php
exit();
}
}
?>
</form>
</div>
<div class="span2">
<div class="hero-unit-1">
<ul class="nav nav-pills nav-stacked">
<li class="nav-header">Links</li>
<li><a href="index.php"><i class="icon-home icon-large"></i> Home</a></li>
<li><a href="#"><i class="icon-file-alt icon-large"></i> New And Events</a></li>
<li><a href="#"><i class="icon-sitemap icon-large"></i> Site Map</a></li>
<li><a href="#"><i class="icon-envelope-alt icon-large"></i> Contact Us</a></li>
<li class="nav-header">About US</li>
<li><a href="#"><i class="icon-book icon-large"></i> Mission</a></li>
<li><a href="#"><i class="icon-book icon-large"></i> Vision</a></li>
<li><a href="#"><i class="icon-list-alt icon-large"></i> History</a></li>
</ul>
</div>
</div>
</div>
<?php include('footer.php'); ?>
</div>
</body>
</html>
login_student.php
<?php
include('header.php');
//Start session
session_start();
//Unset the variables stored in session
unset($_SESSION['id']);
?>
<body>
<?php include('navhead.php'); ?>
<div class="container">
<div class="row-fluid">
<div class="span10">
<ul class="breadcrumb">
<li class="active">Login<span class="divider">/</span></li>
<li><a href="login_student.php"><i class="icon-group icon-large"></i> Teacher</a><span class="divider">/</span></li>
<li class="active"><i class="icon-group icon-large"></i> Student</li>
<div class="pull-right">
<li>
<i class="icon-calendar icon-large"></i>
<?php
$Today = date('y:m:d');
$new = date('l, F d, Y', strtotime($Today));
echo $new;
?>
</li>
</div>
</ul>
<div class="alert alert-info">
<button type="button" class="close" data-dismiss="alert">×</button>
<strong>Login Student!</strong> Please Enter the Details Below.
</div>
<form class="form-horizontal" method="post">
<div class="control-group">
<label class="control-label" for="inputEmail">Username</label>
<div class="controls">
<input type="text" name="username" id="inputEmail" placeholder="Username">
</div>
</div>
<div class="control-group">
<label class="control-label" for="inputPassword">Password</label>
<div class="controls">
<input type="password" name="password" id="inputPassword" placeholder="Password">
</div>
</div>
<div class="control-group">
<div class="controls">
<button type="submit" name="login" class="btn btn-info"><i class="icon-signin"></i> Sign in</button>
</div>
</div>
<?php
if (isset($_POST['login'])) {
function clean($str) {
$str = @trim($str);
if (get_magic_quotes_gpc()) {
$str = stripslashes($str);
}
return mysql_real_escape_string($str);
}
$username = clean($_POST['username']);
$password = clean($_POST['password']);
$query = mysql_query("select * from user where username='$username' and password='$password'") or die(mysql_error());
$count = mysql_num_rows($query);
$row = mysql_fetch_array($query);
if ($count > 0) {
session_start();
session_regenerate_id();
$_SESSION['id'] = $row['user_id'];
header('location:student_home.php');
session_write_close();
exit();
} else {
session_write_close();
?>
<div class="pull-right">
<button type="button" class="close" data-dismiss="alert">×</button>
<div class="alert alert-danger"><i class="icon-remove-sign"></i> Access Denied</div>
</div>
<?php
exit();
}
}
?>
</form>
</div>
<div class="span2">
<div class="hero-unit-1">
<ul class="nav nav-pills nav-stacked">
<li class="nav-header">Links</li>
<li><a href="index.php"><i class="icon-home icon-large"></i> Home</a></li>
<li><a href="#"><i class="icon-file-alt icon-large"></i> New And Events</a></li>
<li><a href="#"><i class="icon-sitemap icon-large"></i> Site Map</a></li>
<li><a href="#"><i class="icon-envelope-alt icon-large"></i> Contact Us</a></li>
<li class="nav-header">About US</li>
<li><a href="#"><i class="icon-book icon-large"></i> Mission</a></li>
<li><a href="#"><i class="icon-book icon-large"></i> Vision</a></li>
<li><a href="#"><i class="icon-list-alt icon-large"></i> History</a></li>
</ul>
</div>
</div>
</div>
<?php include('footer.php'); ?>
</div>
</body>
</html>
In my login form I'm getting the error Code: [Select] Notice: Use of undefined constant Errors - assumed 'Errors' in /home/content/n/a/t/nathanwatson/html/admin/YBK/post.php on line 91 Warning: Cannot modify header information - headers already sent by (output started at /home/content/n/a/t/nathanwatson/html/admin/YBK/post.php:91) in /home/content/n/a/t/nathanwatson/html/admin/YBK/post.php on line 91 Warning: Cannot modify header information - headers already sent by (output started at /home/content/n/a/t/nathanwatson/html/admin/YBK/post.php:91) in /home/content/n/a/t/nathanwatson/html/admin/YBK/post.php on line 92 //if the name exists it gives an error if ($check2 != 0) { //Line 85 $error="<span style="; $error .="color:red"; $error .=">"; $error .= "Sorry, the username is already in use."; $error .="</span>"; setcookie(Errors, $error, time()+20); //Line 91 header('Location: /YBK/'); //Line 92 exit; } I am createing a simply quiz site, where in order to participate in the quiz, you must first be logged in. While working on my local machine, the code works perfectly. I use the followin to create a session ID; $_SESSION['SESS_ID'] = $member['id']; Then, on my main page where i want dynamic code i include the following; if(!isset($_SESSION['SESS_ID']) || (trim($_SESSION['SESS_ID']) == '')) { print (" <div style='float:left; width:400px; height:215px; margin-left:500px;'> <form class='login' method='post' action='login-form.php' style='float:right; margin-top:120px;' > <input type='submit' class='button' name='submit' value='Sign In' style='float:right ; margin-right:20px;'> </form> <p style=' margin-top:170px; margin-left:160px;'>New Member? Start <a href='register-form.php'>Here</a></p> </div> " ); } else { print "<h4 style='float:right; text-align: right; margin-top:150px; margin-right:50px;'>Welcome ". $_SESSION['SESS_NAME']. " <a href='logout.php' style='float:right; text-align:right;'>Sign Out</a></h4> "; For some reason, when the site is on the server, the session ID does not seam to get passed along. Any Ideas how to remediy this? the website is kingdomquiz.com if anybody is interested. Hi all, Sorry to be a pain, but I've been out of the php game for quite a few years and have just come back to it briefly to help someone out. I've been using an old admin auth script that I used to use a long time ago but it's not working, and I can't for the life of me work it out :/ I apologise for the noobishness of the code, but as I said, it's been a long time. Any and all help would be very greatly appreciated. Here is the code: <? require("config.php"); mysql_connect($server,$login,$password) or die('Error connecting to server'); mysql_select_db($base) or die('Error connecting to database'); $req = mysql_query("SELECT username,mempass,level FROM members WHERE username='$admin_login'"); $data = @mysql_fetch_array($req); $member_name = $data["username"]; $member_pass = $data["mempass"]; $member_userlevel = $data["level"]; if($member_pass == $admin_pass) { SetCookie("mgdwebby","$member_name:$member_pass:$member_userlevel"); } include("header.php"); ?> <? if($action=="login") { if($admin_login==""){ echo"Wrong info. "; } elseif($admin_pass==""){ echo"Wrong info. "; } else{ require("config.php"); mysql_connect($server,$login,$password) or die('Error connecting to server'); mysql_select_db($base) or die('Error connecting to database'); $req = mysql_query("SELECT username,mempass,level FROM members WHERE username='$admin_login'"); $data = @mysql_fetch_array($req); $member_name = $data["username"]; $member_pass = $data["mempass"]; if($member_pass == $admin_pass) { echo"<head><meta http-equiv=\"refresh\" content=\"2;URL=admin.php\"></head><br><center>Please Wait.</center><br>"; $auth = explode(":",$HTTP_COOKIE_VARS["mgdwebby"]); if(empty($auth[0]) || empty($auth[1])) { } else { echo"Welcome<br>"; include("admin_left.php"); } } else { echo"Wrong info. "; } } } else { echo"<form method='post' action='?action=login'> <table width='307' align='center' cellspacing='0' cellpading='0' border='0'> <tr> <td width='200'> Login : </td> <td> <input type='text' name='admin_login'></td> </tr> <tr> <td width='200'> Password : </td> <td> <input type='password' name='admin_pass'></td> </tr> <tr> <td colspan='2' align='center'><center><input type='submit' value='Login'></center></td> </table> "; } ?> <? include("footer.php"); ?> I have this working code except I can't redirect to a thank you page when a new user registers. When they login it works without issue. I just don't know where or what to put for the registration part.
Here is my Code. Any help would be much appreciated.
<?php Could anyone help me making a login function that checks the txt document if user and pw exists/are correct? -and if they are, sends you to a logged in page. This is for a assignment which is why I have to store the information in a text document, I know it's unsafe. Also i know i should use $_Sessions but I'm not sure how to use it and where to put it.
So far I have created the form which has 2 buttons one for registering and one for logging in. I have also created the registration function which checks the text file if the username already exists if not it will register it.
<html lang="eng">
<head>
<link rel="stylesheet" href="style.css">
<title>name</title>
</head>
<body>
<div class="formdiv">
<h2>Log in or register</h2>
<form action="" method="post">
<p>Username<p style="color:black">*</p> <input type="text" name="user" placeholder="Type in your username" required>
<p>Password<p style="color:black">*</p> <input type="password" name="pw" placeholder="Type in your password" required>
<?php
if (isset($_POST['saveBtn'])){
$username = $_POST['user'];
$password = $_POST['pw'];
$error = register($username);
if ($error == '') {
echo "User: $username has been registered!<br/>";
}
else echo $error;
}
?>
<input type="submit" name="saveBtn" value="Save new user">
<input type="submit" name="loginBtn" value="Login">
</form>
</div>
<?php // Registration
function register($user){
$textError = '';
// Check and see if user exists
$UserPassTxt = fopen("userpwd.txt","a+"); // Opens text doc
rewind($UserPassTxt);
while (!feof($UserPassTxt)) {
$line = fgets($UserPassTxt);
$tmp = explode(':', $line);
if ($tmp[0] == $user) {
$textError = "Username already exists!";
break;
}
}
if ($textError == ''){
$hash = password_hash('', PASSWORD_DEFAULT);
fwrite($UserPassTxt, "\n$user: $hash");
}
fclose($UserPassTxt); // Closes txt doc
return $textError;
}
?>
<?php //Login
function login($user, $pass){
}
?>
</body>
///here's my best attempt at the function
<?php //Login
$error = '0';
if (isset($_POST['loginBtn'])){
$username = $_POST['user'];
$password = $_POST['pw'];
$error = login($username,$password);
}
function login($user, $pass){
$errorText = '';
$validUser = false;
$UserPassTxt = fopen("userpwd.txt","r");
rewind($UserPassTxt);
while (!feof($UserPassTxt)) {
$line = fgets($UserPassTxt);
$tmp = explode(':', $line);
if ($tmp[0] == $user) {
if (trim($tmp[1]) == trim(password_hash('', PASSWORD_DEFAULT))){
$validUser= true;
$_SESSION['user'] = $user;
}
break;
}
}
fclose($UserPassTxt);
if ($validUser != true) $errorText = "Not correct username or password";
if ($validUser == true) $_SESSION['validUser'] = true;
else $_SESSION['validUser'] = false;
return $errorText;
}
function logoutUser(){
unset($_SESSION['validUser']);
unset($_SESSION['user']);
}
function checkUser(){
if ((!isset($_SESSION['validUser'])) || ($_SESSION['validUser'] != true)){
header('Location: index.php');
}
}
?>
Hi All, I Have an issue validating and inserting the data in to the database. I am beginner and the error message is new to me however i have google it but unable to find hope any one can help Thanks in advanced. Error : "Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in C:\wamp\www\signupck.php on line 32 Deprecated: Function eregi() is deprecated in C:\wamp\www\signupck.php on line 50 Welcome, You have successfully signed up Click here to login" Please find the Code Below: File name:signup.php Code: [Select] <!doctype html public "-//w3c//dtd html 3.2//en"> <html> <head> <title>Fast Fix Pro Signup</title> <script type="text/javascript"> function validate(form) { if(form1.userid.value == "") { alert('Please enter userid '); form1.userid.focus(); return false; } if(form1.userid.value == "") { alert('Please enter userid '); form1.userid.focus(); return false; } if(form1.password.value == "") { alert('Please enter password '); form1.password.focus(); return false; } if(form1.password2.value == "") { alert('Please renter the password '); form1.password2.focus(); return false; } if(form1.email.value == "") { alert('Please enter Email '); form1.email.focus(); return false; } if(form1.fname.value == "") { alert('Please enter First Name '); form1.fname.focus(); return false; } if(form1.lname.value == "") { alert('Please enter Last Name '); form1.lname.focus(); return false; } if (!document.form1.agree.checked) { alert("Please Read the guidlines and check the box below ."); return false; } return true; } </script> </head> <body bgcolor="#ffffff" text="#000000" link="#0000ff" vlink="#800080" alink="#ff0000"> <br/> <br/> <table width='67%' height="454" border='0' align=center cellpadding='0' cellspacing='0'><form name="form1" method=post action="signupck.php" onsubmit='return validate(this)'><input type="hidden" name="todo" value=post> <tr bgcolor='#f1f1f1'><td align=center colspan=2><font face='Verdana' size='2' ><b>Signup</b></td></tr> <tr bgcolor='#f1f1f1'><td > <font face='Verdana' size='2' >User ID</td><td ><font face='Verdana' size='2'><input type=text name=userid></td></tr> <tr ><td > <font face='Verdana' size='2' >Password</td><td ><font face='Verdana' size='2'><input name=password type=password></td></tr> <tr bgcolor='#f1f1f1'><td > <font face='Verdana' size='2' >Re-enter Password</td><td ><font face='Verdana' size='2'><input name=password2 type=password></td></tr> <tr ><td ><font face='Verdana' size='2' > Email</td><td ><input type=text name=email></td></tr> <tr bgcolor='#f1f1f1'><td > <font face='Verdana' size='2' >First Name</td><td ><font face='Verdana' size='2'><input type=text name=fname></td></tr> <tr ><td > <font face='Verdana' size='2' >Last Name</td><td ><font face='Verdana' size='2'><input type=text name=lname></td></tr> <tr bgcolor='#f1f1f1' ><td > <font face='Verdana' size='2' >I agree to terms and conditions</td><td ><font face='Verdana' size='2'><input type=checkbox name=agree value='yes'></td></tr> <tr ><td align=center colspan=2><input type=submit value=Signup> <input name="Reset" type=reset value=Reset> <td colspan=2 align=left> </td></td></tr> </table> <center> <br><font face='Verdana' size='2' ><a href='login.php'>Already a member ? Please Login</a></font></center> </body> </html> File Name :signuppck.php Code: [Select] <?php include ("Connection.php");// database connection details stored here ?> <!doctype html public "-//w3c//dtd html 3.2//en"> <html> <head> <title>(Type a title for your page here)</title> <meta name="GENERATOR" content="Arachnophilia 4.0"> <meta name="FORMATTER" content="Arachnophilia 4.0"> </head> <body bgcolor="#ffffff" text="#000000" link="#0000ff" vlink="#800080" alink="#ff0000"> <?php extract($_POST); //<---I don't recommand this really if(isset($todo) and $todo=="post") { $status = "OK"; $msg=""; // if userid is less than 3 char then status is not ok if(!isset($userid) or strlen($userid) <3) { $msg=$msg."User id should be =3 or more than 3 char length<BR>"; $status= "NOTOK"; } if(mysql_num_rows(mysql_query("SELECT userid FROM signup WHERE userid = '$userid LIMIT 1' "))) <-------------------(line 32) { $msg=$msg."Userid already exists. Please try another one<BR>"; $status= "NOTOK"; } if ( strlen($password) < 3 ) { $msg=$msg."Password must be more than 3 char legth<BR>"; $status= "NOTOK"; } if ( $password <> $password2 ) { $msg=$msg."Both passwords are not matching<BR>"; $status= "NOTOK"; } if (!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email)) <--------------- (Line 50) { $msg=$msg."enter valid email address<BR>"; $status= "NOTOK"; } if ($agree<>"yes") { $msg=$msg."You must agree to terms and conditions<BR>"; $status= "NOTOK"; } if($status<>"OK") { echo "<font face='Verdana' size='2' color=red>$msg</font><br><input type='button' value='Retry' onClick='history.go(-1)'>"; }else{ // if all validations are passed. $query=mysql_query("INSERT INTO signup(userid,password,email,Fname,Lname) values('$userid','$password','$email','$fname','$lname')");; echo "<font face='Verdana' size='2' color=green>Welcome, You have successfully signed up<br><br><a href=login.php>Click here to login</a><br></font>"; } } ?> </body> </html> File Name :<include file> Code: [Select] <HTML> <HEAD> <TITLE>Connecting to Database</TITLE> </HEAD> <BODY> <?php $db = "quantas"; mysql_connect("localhost","root","") or die (mysql_error()); mysql_select_db($db); ?> </BODY> </HTML> Is there a way to get current logged in username and based on that redirect to a different page? I’m using the following secure PHP login without MySql as a login system: https://sourceforge.net/projects/phploginbyvallastech/ Now I’m looking to redirect each logged in user to their personalized page. But I can’t figure out how to A) fetch the current logged in user and B) redirect multiple users. This code redirects to the latter address, but the username based redirect is not working: <?php session_start(); if ($_SESSION["username"]==User1){ header("location: user1content.php"); exit; } else { header("location: generalcontent.php"); exit; } { ?> <?php } ?>
So it’s clearly not fetching the logged in user. Though <?php echo $login->username; ?> fetches the username just fine. I have a form that has a section where you can pick multiple check boxes and when the info is returned to me it has the word Array at the end of it. There are 2 check boxes on the form one fo Steve and one for Ben Below is the code I am using in my PHP file foreach($_POST['TestGroup'] as $val) { echo $val . "\n"; } The output from the PHP code is----Steve Ben Array.------ How do I keep Array from coming up? hi i need help an idea how can i separate members from admins since i dont know how to create login form i used tutorial ( http://www.youtube.com/watch?v=4oSCuEtxRK8 ) (its session login form only that i made it work other tutorials wre too old or something) how what i want to do is separate members and admins because admin need more rights to do now i have idea but dont know will it work like that what i want to do is create additional row in table named it flag and create 0 (inactive user) 1 (member) 2 (admin) will that work? and how can i create different navigation bars for users and admins? do you recommend that i use different folders to create it or just script based on session and flag? |
|||||||